Blame SOURCES/httpd-2.4.27-CVE-2017-9798.patch
|
 |
6670f0 |
--- a/server/core.c 2017/09/08 13:10:16 1807753
|
|
|
6670f0 |
+++ b/server/core.c 2017/09/08 13:13:11 1807754
|
|
|
6670f0 |
@@ -2266,6 +2266,12 @@
|
|
|
6670f0 |
/* method has not been registered yet, but resource restriction
|
|
|
6670f0 |
* is always checked before method handling, so register it.
|
|
|
6670f0 |
*/
|
|
|
6670f0 |
+ if (cmd->pool == cmd->temp_pool) {
|
|
|
6670f0 |
+ /* In .htaccess, we can't globally register new methods. */
|
|
|
6670f0 |
+ return apr_psprintf(cmd->pool, "Could not register method '%s' "
|
|
|
6670f0 |
+ "for %s from .htaccess configuration",
|
|
|
6670f0 |
+ method, cmd->cmd->name);
|
|
|
6670f0 |
+ }
|
|
|
6670f0 |
methnum = ap_method_register(cmd->pool,
|
|
|
6670f0 |
apr_pstrdup(cmd->pool, method));
|
|
|
6670f0 |
}
|